from:"lists\+php at box dot cz"

#30188 [Bgs->Csd]: open_basedir check is badly performed under some circumstances

2004-11-28 Thread lists+php at box dot cz

 ID:   30188
 User updated by:  lists+php at box dot cz
 Reported By:  lists+php at box dot cz
-Status:   Bogus
+Status:   Closed
 Bug Type: Filesystem function related
 Operating System: Linux (Gentoo, latest)
 PHP Version:  5.0.1
 New Comment:

My final words would be:

Function, that does basedir check differently based on (non)existence
of the file (which is) being checked, is flawed.

I'm putting my hands off it ... to ensure your precious time won't be
wasted. After all -1 happy_user/advocate means nothing compared to
solving real issues like adding more entropy to PHP sources or changing
parameter passing again ;-)

Btw, this attitude kinda reminds me "don't live with broken windows"
from "The Pragmatic Programmer" (and if you don't know what that means,
all the more reason not to mess with this [in your opinion absolutely
correct] behaviour of basedir check).

Luckily enough there's enough alternatives to this whole PHP thing.


Previous Comments:


[2004-11-28 17:28:15] [EMAIL PROTECTED]

Using "/home/wejn/x/docs/html:/home/wejn/x/docs1/html" as value of
open_basedir is senseless, as it's similar to
"/home/wejn/x/docs/html:/home/wejn/x/docs/html", because open_basedir's
values are resolved too.

Obviously PHP cannot resolve "/home/wejn/x/docs1/html/y" as it even
doesn't exist, so it compares non-existing "/home/wejn/x/docs1/html/y"
to "/home/wejn/x/docs/html/" and reports that they aren't the same.

Please, stop reopening this report and begin to respect people that
wasting their own free time to help you.

----

[2004-11-28 16:58:48] lists+php at box dot cz

No, you're simply WRONG:

"->All symbolic
links are resolved, so it's not possible to avoid this restriction
with
a symlink.<-"

because my open_basedir is set to: 

"/home/wejn/x/docs/html:/home/wejn/x/docs1/html"

therefore the file lies in basedir either way, when I call:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

It's a bug and I would expect someone with email "@php.net" to at least
READ MY BUGREPORT. I feel a bit stupid when I have to repeat myself over
and over again, because you simply assume from beginning that I'm wrong
(and the only action you do is actually telling me bullshit about
RTFM).

I did RTFM, but your implementation simply doesn't correspond with the
things written in TFM.

[offensive]
Anyway, I don't care about PHP anymore - I have better things to do
than pushing you to at least read what you're responding to ... btw,
responding to bugreports after 2 months is really, really wonderful.
Better than never, though.
[/offensive]



[2004-11-28 15:16:38] [EMAIL PROTECTED]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

"When a script tries to open a file with, for example, fopen() or
gzopen(), the location of the file is checked. When the file is outside
the specified directory-tree, PHP will refuse to open it. ->All symbolic
links are resolved, so it's not possible to avoid this restriction with
a symlink.<-"

http://www.php.net/manual/en/features.safe-mode.php#ini.open-basedir

You have to copy file to "/home/wejn/x/docs1/html/" instead of it's
symlink if want open_basedir to work properly.



[2004-10-14 12:10:46] lists+php at box dot cz

> > Maybe it would be better to perform open_basedir check
> > just on dirs
> > instead of files (in various filesystem functions)?

> No, because it's sometimes vital to have files in
> open_basedir to allow acces to one specific file without
> the need to put it  into a directory for its own.

OK ... but the rest still applies. The code is obviously broken. And
sorry, folks @ php.net ... but if I would ever use PHP in production, I
would expect bugs to be solved in timely fashion, not after 6 months of
waiting as "open" (or even not solved at all).

It imho says all the "right" things about PHP - it's still toy, it has
(almost) no support, nobody really cares about users' aches, ...

It's simply another hack-it-yourself-or-shut-up thingie ... but I'm
probably crying on wrong shoulder here, anyway. :)



[2004-10-14

#30188 [Bgs->Opn]: open_basedir check is badly performed under some circumstances

2004-11-28 Thread lists+php at box dot cz

 ID:   30188
 User updated by:  lists+php at box dot cz
 Reported By:  lists+php at box dot cz
-Status:   Bogus
+Status:   Open
 Bug Type: Filesystem function related
 Operating System: Linux (Gentoo, latest)
 PHP Version:  5.0.1
 New Comment:

No, you're simply WRONG:

"->All symbolic
links are resolved, so it's not possible to avoid this restriction
with
a symlink.<-"

because my open_basedir is set to: 

"/home/wejn/x/docs/html:/home/wejn/x/docs1/html"

therefore the file lies in basedir either way, when I call:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

It's a bug and I would expect someone with email "@php.net" to at least
READ MY BUGREPORT. I feel a bit stupid when I have to repeat myself over
and over again, because you simply assume from beginning that I'm wrong
(and the only action you do is actually telling me bullshit about
RTFM).

I did RTFM, but your implementation simply doesn't correspond with the
things written in TFM.

[offensive]
Anyway, I don't care about PHP anymore - I have better things to do
than pushing you to at least read what you're responding to ... btw,
responding to bugreports after 2 months is really, really wonderful.
Better than never, though.
[/offensive]


Previous Comments:


[2004-11-28 15:16:38] [EMAIL PROTECTED]

Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.php.net/manual/ and the instructions on how to report
a bug at http://bugs.php.net/how-to-report.php

"When a script tries to open a file with, for example, fopen() or
gzopen(), the location of the file is checked. When the file is outside
the specified directory-tree, PHP will refuse to open it. ->All symbolic
links are resolved, so it's not possible to avoid this restriction with
a symlink.<-"

http://www.php.net/manual/en/features.safe-mode.php#ini.open-basedir

You have to copy file to "/home/wejn/x/docs1/html/" instead of it's
symlink if want open_basedir to work properly.



[2004-10-14 12:10:46] lists+php at box dot cz

> > Maybe it would be better to perform open_basedir check
> > just on dirs
> > instead of files (in various filesystem functions)?

> No, because it's sometimes vital to have files in
> open_basedir to allow acces to one specific file without
> the need to put it  into a directory for its own.

OK ... but the rest still applies. The code is obviously broken. And
sorry, folks @ php.net ... but if I would ever use PHP in production, I
would expect bugs to be solved in timely fashion, not after 6 months of
waiting as "open" (or even not solved at all).

It imho says all the "right" things about PHP - it's still toy, it has
(almost) no support, nobody really cares about users' aches, ...

It's simply another hack-it-yourself-or-shut-up thingie ... but I'm
probably crying on wrong shoulder here, anyway. :)



[2004-10-14 11:51:28] evp at heise dot de

> Maybe it would be better to perform open_basedir check just 
> on dirs
> instead of files (in various filesystem functions)?

No, because it's sometimes vital to have files in open_basedir to allow
acces to one specific file without the need to put it  into a directory
for its own.



[2004-09-21 23:50:28] lists+php at box dot cz

Description:

My setup:
document root is: "/home/wejn/x/docs/html/".

While "/home/wejn/x/docs/html/" is symlink to:
"/home/wejn/x/docs1/html/".

I have safe_mode enabled and open_basedir set to
"/home/wejn/x/docs/html:/home/wejn/x/docs1/html".

With this setup I'm unable to perform:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

when "y" doesn't exist. If I touch "y" prior running the
script, everything runs just fine.

IMO, there is problem with symlink resolving code somewhere under 
php_check_specific_open_basedir().

It seems to me that more precise location of the bug is somewhere in
virtual_file_ex() regarding the realpath() call.

Maybe it would be better to perform open_basedir check just on dirs
instead of files (in various filesystem functions)?

Btw, this problem exists also in 4.3.8, which makes me think that it's
there for a LONG time ... unnoticed.

W.

Reproduce code:
---
// when all conditions described above are met, this fails:
copy('/home/wejn/x/docs/html/x', '/home/wejn/x/docs/html/y');

Expected result:
-

#30188 [Opn]: open_basedir check is badly performed under some circumstances

2004-10-14 Thread lists+php at box dot cz

 ID:   30188
 User updated by:  lists+php at box dot cz
 Reported By:  lists+php at box dot cz
 Status:   Open
 Bug Type: Filesystem function related
 Operating System: Linux (Gentoo, latest)
 PHP Version:  5.0.1
 New Comment:

> > Maybe it would be better to perform open_basedir check
> > just on dirs
> > instead of files (in various filesystem functions)?

> No, because it's sometimes vital to have files in
> open_basedir to allow acces to one specific file without
> the need to put it  into a directory for its own.

OK ... but the rest still applies. The code is obviously broken. And
sorry, folks @ php.net ... but if I would ever use PHP in production, I
would expect bugs to be solved in timely fashion, not after 6 months of
waiting as "open" (or even not solved at all).

It imho says all the "right" things about PHP - it's still toy, it has
(almost) no support, nobody really cares about users' aches, ...

It's simply another hack-it-yourself-or-shut-up thingie ... but I'm
probably crying on wrong shoulder here, anyway. :)


Previous Comments:


[2004-10-14 11:51:28] evp at heise dot de

> Maybe it would be better to perform open_basedir check just 
> on dirs
> instead of files (in various filesystem functions)?

No, because it's sometimes vital to have files in open_basedir to allow
acces to one specific file without the need to put it  into a directory
for its own.

------------------------

[2004-09-21 23:50:28] lists+php at box dot cz

Description:

My setup:
document root is: "/home/wejn/x/docs/html/".

While "/home/wejn/x/docs/html/" is symlink to:
"/home/wejn/x/docs1/html/".

I have safe_mode enabled and open_basedir set to
"/home/wejn/x/docs/html:/home/wejn/x/docs1/html".

With this setup I'm unable to perform:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

when "y" doesn't exist. If I touch "y" prior running the
script, everything runs just fine.

IMO, there is problem with symlink resolving code somewhere under 
php_check_specific_open_basedir().

It seems to me that more precise location of the bug is somewhere in
virtual_file_ex() regarding the realpath() call.

Maybe it would be better to perform open_basedir check just on dirs
instead of files (in various filesystem functions)?

Btw, this problem exists also in 4.3.8, which makes me think that it's
there for a LONG time ... unnoticed.

W.

Reproduce code:
---
// when all conditions described above are met, this fails:
copy('/home/wejn/x/docs/html/x', '/home/wejn/x/docs/html/y');

Expected result:

no error.

Actual result:
--
Warning: copy() [function.copy]: open_basedir restriction in effect.
File(/home/wejn/x/docs/html/y) is not within the allowed path(s):
(/home/wejn/x/docs/html:/home/wejn/x/docs1/html) in
/home/wejn/x/docs1/html/index.html on line 2

Warning: copy(/home/wejn/x/docs/html/y) [function.copy]: failed to open
stream: Operation not permitted in /home/wejn/x/docs1/html/index.html on
line 2





-- 
Edit this bug report at http://bugs.php.net/?id=30188&edit=1

#30188 [NEW]: open_basedir check is badly performed under some circumstances

2004-09-21 Thread lists+php at box dot cz

From: lists+php at box dot cz
Operating system: Linux (Gentoo, latest)
PHP version:  5.0.1
PHP Bug Type: Filesystem function related
Bug description:  open_basedir check is badly performed under some circumstances

Description:

My setup:
document root is: "/home/wejn/x/docs/html/".

While "/home/wejn/x/docs/html/" is symlink to:
"/home/wejn/x/docs1/html/".

I have safe_mode enabled and open_basedir set to
"/home/wejn/x/docs/html:/home/wejn/x/docs1/html".

With this setup I'm unable to perform:

copy("/home/wejn/x/docs/html/x", "/home/wejn/x/docs/html/y");

when "y" doesn't exist. If I touch "y" prior running the
script, everything runs just fine.

IMO, there is problem with symlink resolving code somewhere under 
php_check_specific_open_basedir().

It seems to me that more precise location of the bug is somewhere in
virtual_file_ex() regarding the realpath() call.

Maybe it would be better to perform open_basedir check just on dirs
instead of files (in various filesystem functions)?

Btw, this problem exists also in 4.3.8, which makes me think that it's
there for a LONG time ... unnoticed.

W.

Reproduce code:
---
// when all conditions described above are met, this fails:
copy('/home/wejn/x/docs/html/x', '/home/wejn/x/docs/html/y');

Expected result:

no error.

Actual result:
--
Warning: copy() [function.copy]: open_basedir restriction in effect.
File(/home/wejn/x/docs/html/y) is not within the allowed path(s):
(/home/wejn/x/docs/html:/home/wejn/x/docs1/html) in
/home/wejn/x/docs1/html/index.html on line 2

Warning: copy(/home/wejn/x/docs/html/y) [function.copy]: failed to open
stream: Operation not permitted in /home/wejn/x/docs1/html/index.html on
line 2

-- 
Edit bug report at http://bugs.php.net/?id=30188&edit=1
-- 
Try a CVS snapshot (php4):   http://bugs.php.net/fix.php?id=30188&r=trysnapshot4
Try a CVS snapshot (php5.0): http://bugs.php.net/fix.php?id=30188&r=trysnapshot50
Try a CVS snapshot (php5.1): http://bugs.php.net/fix.php?id=30188&r=trysnapshot51
Fixed in CVS:http://bugs.php.net/fix.php?id=30188&r=fixedcvs
Fixed in release:http://bugs.php.net/fix.php?id=30188&r=alreadyfixed
Need backtrace:  http://bugs.php.net/fix.php?id=30188&r=needtrace
Need Reproduce Script:   http://bugs.php.net/fix.php?id=30188&r=needscript
Try newer version:   http://bugs.php.net/fix.php?id=30188&r=oldversion
Not developer issue: http://bugs.php.net/fix.php?id=30188&r=support
Expected behavior:   http://bugs.php.net/fix.php?id=30188&r=notwrong
Not enough info: http://bugs.php.net/fix.php?id=30188&r=notenoughinfo
Submitted twice: http://bugs.php.net/fix.php?id=30188&r=submittedtwice
register_globals:http://bugs.php.net/fix.php?id=30188&r=globals
PHP 3 support discontinued:  http://bugs.php.net/fix.php?id=30188&r=php3
Daylight Savings:http://bugs.php.net/fix.php?id=30188&r=dst
IIS Stability:   http://bugs.php.net/fix.php?id=30188&r=isapi
Install GNU Sed: http://bugs.php.net/fix.php?id=30188&r=gnused
Floating point limitations:  http://bugs.php.net/fix.php?id=30188&r=float
MySQL Configuration Error:   http://bugs.php.net/fix.php?id=30188&r=mysqlcfg

#30188 [Bgs->Csd]: open_basedir check is badly performed under some circumstances

#30188 [Bgs->Opn]: open_basedir check is badly performed under some circumstances

#30188 [Opn]: open_basedir check is badly performed under some circumstances

#30188 [NEW]: open_basedir check is badly performed under some circumstances

4 matches

Site Navigation

Mail list logo

Footer information